Just so we are all on the same page, what is ransomware and what does it mean? When we think of ransom, we typically think of kids or celebrities being kidnapped. Your kids are safe in this case, but your data is not. In a nutshell, malicious software is installed on a device (server, laptop, computer, etc.) and threatens to block access to the data or destroy it unless a sum of money is paid. The malware encrypts your data using an algorithm of the attacker’s choosing, which could be anything, and once the ransom is paid, the criminal gives you the key to unlock your data. This of course assumes they give you the right key.
Symantec defines two types of ransomware in circulation today:
- Locker ransomware (computer locker): Denies access to the computer or device.
- Crypto ransomware (data locker): Prevents access to files or data. Crypto ransomware doesn’t necessarily have to use encryption to stop users from accessing their data, but the vast majority of it does.
What are the Stats?
According to the FBI, here are some key stats:
Ransomware is the fastest growing malware threat, targeting users of all types – from the home user to the corporate network. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1,000 attacks per day seen in 2015…
Ransomware targets home users, businesses, and government networks and can lead to temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation [and brand].
While most of us have had our credit/debit cards skimmed, these attackers are more sophisticated and typically target high-value financial data or personal health information. They hold the data until the owners can pay, and the ransom can be quite high: as with all things, the higher the value, the higher the cost.
In the end, successful attacks show weaknesses in the enterprise security model, data policies, and implemented strategies. Enterprises can mitigate these risks by ensuring strong policy in these areas:
- Firewall Rules and Protection
- Backup Procedures
- Popup Blockers for Safe Web Browsing
- Data Replication and Exposure
- Desktop Policies
- Content Filtering and Whitelisting
As with most IT endeavors, it’s always cheaper to develop a strategy and plan that protect your organization from the latest threats, leveraging technical solutions your budget can support. This is where our team can help.